If I want to use wordpress as my CMS, I'm going to be interested in hiding the fact that I am using wordpress behind the scenes, for security reasons and otherwise. How do I effectively do that?
I am looking for a foolproof way in practice, but I am open to any suggestions right now.
Well, one thing I would suggest is to remove the WordPress version meta tag from the header. Just edit the header template in your theme. Another thing would be to use mod_rewrite to hide all the script whizzbangery that WordPress uses. One dead giveaway is the /wp-admin/ directory which leads to the admin backend. Maybe change it to something like just /admin/ or something like that. Doing that should hide most things I believe.
Well, now that I think about it I'm not sure how easy it would be. You could use an .htaccess file to fake a 404 (or whatever) when someone tries to go to /wp-content/ or similar but the only problem with that is it would also block WordPress itself from getting there and then everything would break.
However, I have heard of people being able to put WordPress itself in a sub-folder of your main site and then link to it from the root. So, people could get to your WordPress site at www.mysite.com and WordPress would actually be located in www.mysite.com/this/sub/folder/here/. Then to make sure nobody could find it you could make the sub-folder a weird name like gi2345kjb or something and don't allow search engines to index it. Check this out. Just an idea...
Reply With Quote
Bookmarks